Network Management - Snowboundport37/champlain GitHub Wiki

Lab: Network Management

Overview

In this lab, we will configure SNMP services on fw01, web01, and ad01, and set up a network monitoring system on nmon01. The objective is to establish SNMP-based monitoring across the environment and validate connectivity and functionality.

Prerequisites

web01 is configured with:
- IP: 10.0.5.200/24
- Hostname: web01-yourname
- AD: Not joined
- DNS: Resolving correctly
Active Directory (AD01) and DNS names are resolving.
All VMs are accessible via SSH or Remote Desktop.

Steps

Step 1: Configure `fw01` SNMP Service

Enable SNMP Service:
- Navigate to the SNMP settings in the pfSense WebUI (https://10.0.5.2).
- Enable the SNMP Daemon.
- Set the following values:
  - System Contact: yourname
  - Community String: SYS265
  - Bind Interface: LAN
- Save the changes.
Restart SNMP Service:
- In the pfSense WebUI, restart the SNMP service.
Verify SNMP:
- Use nmon01 to query fw01:
```
snmpwalk -Os -c SYS265 -v2c fw01-yourname system
```
- Take a screenshot of the output for Deliverable 1.

Step 2: Configure `nmon01`

Set Up Networking:
- IP: 10.0.5.11/24
- Gateway: 10.0.5.2
- DNS: 10.0.5.5
- Hostname: nmon01-yourname
- Add domain to the search suffix in the network configuration.
Harden Security:
- Disable root SSH access.
- Create a named sudo user.

Install SNMP Tools:

Install the SNMP client:

sudo apt install snmp snmp-mibs-downloader -y

Test SNMP connectivity:

snmpwalk -Os -c SYS265 -v2c fw01-yourname system

Step 3: Install SNMPD on `web01`

Install SNMP Server:

Install net-snmp:

sudo dnf install net-snmp net-snmp-utils -y

Backup Configuration:
- Create a backup of the default configuration:
```
sudo cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.bak
```

Create New Configuration:

Edit the SNMP configuration file:
```
sudo nano /etc/snmp/snmpd.conf
```

Add the following lines:

com2sec myNetwork 10.0.5.0/24 SYS265
group myROGroup v2c myNetwork
view all included .1 80
access myROGroup "" any noauth exact all none none

Enable and Start SNMP:
- Start the SNMP service:
```
sudo systemctl enable --now snmpd
```

Open Firewall:

Allow SNMP traffic:

sudo firewall-cmd --add-port=161/udp --permanent
sudo firewall-cmd --reload

Verify Configuration:

Test SNMP locally:

snmpwalk -Os -c SYS265 -v2c localhost system

Query web01 from nmon01:
- Run:
```
snmpwalk -Os -c SYS265 -v2c web01-yourname system
```
- Save the output for Deliverable 2.

Step 4: Configure `ad01`

Install SNMP Service:
- From MGMT01, open Server Manager and add the SNMP feature to AD01.
Enable SNMP:
- Open SNMP Service properties.
- Add SYS265 as the community string.
- Limit access to nmon01 (10.0.5.11).

Open Firewall:

On AD01, run:

Enable-NetFirewallRule -Group "Remote Event Log Management"

Restart SNMP:
- Restart the SNMP service:
```
Restart-Service snmp
```
Query ad01 from nmon01:
- Run:
```
snmpwalk -Os -c SYS265 -v2c ad01-yourname system
```
- Save the output for Deliverable 3.

Step 5: Capture SNMP Packets

Set Up web01:

Install tcpdump:
```
sudo dnf install tcpdump -y
```

Start packet capture:

sudo tcpdump -i ens192 port 161 -A -c 10

Query web01 from nmon01:
- Run:
```
snmpwalk -Os -c SYS265 -v2c web01-yourname system
```
- Capture and save the output for Deliverable 4.

Deliverables

Deliverable 1: Screenshot of SNMP values from fw01.
Deliverable 2: Output of SNMP query on web01 from nmon01.
Deliverable 3: Output of SNMP query on ad01 from nmon01.
Deliverable 4: Screenshot of tcpdump showing SNMP packets and the community string in clear text.
Deliverable 5: Tech Journal entry with:
- Notes on SNMP configuration and testing.
- Research on at least three SNMP-related topics.
- Reflection on troubleshooting and setup challenges.

Notes

Ensure all configurations are saved and persistent.
Test connectivity and SNMP functionality after each step.
Use screenshots to document progress for each deliverable.